diff options
author | Todd C. Miller <Todd.Miller@courtesan.com> | 1999-08-12 14:37:27 +0000 |
---|---|---|
committer | Todd C. Miller <Todd.Miller@courtesan.com> | 1999-08-12 14:37:27 +0000 |
commit | cc4fd07542ca07086fc1a7401fc8c85068e9c843 (patch) | |
tree | 5d74a536e35851ba8d80148cedc243b1ceead6af /sudo.tab.c | |
parent | 19d15f2c2482d8346f4aaca112945b14eb9740f6 (diff) | |
download | sudo-cc4fd07542ca07086fc1a7401fc8c85068e9c843.tar.gz |
o Add a "pedentic" flag to the parser. This makes sudo warn in cases
where an alias may be used before it is defined. Only turned on for visudo
and testsudoers.
o Add --disable-authentication option that makes sudo not require
authentication by default. The PASSWD tag can be used to require
authentication for an entry. We no longer overload --without-passwd.
Diffstat (limited to 'sudo.tab.c')
-rw-r--r-- | sudo.tab.c | 158 |
1 files changed, 91 insertions, 67 deletions
diff --git a/sudo.tab.c b/sudo.tab.c index c0c254c77..dd168d5f4 100644 --- a/sudo.tab.c +++ b/sudo.tab.c @@ -106,8 +106,14 @@ static const char rcsid[] = "$Sudo$"; */ extern int sudolineno, parse_error; int errorlineno = -1; -int clearaliases = 1; +int clearaliases = TRUE; int printmatches = FALSE; +int pedantic = FALSE; +#ifdef NO_AUTHENTICATION +int pwdef = TRUE; +#else +int pwdef = -1; +#endif /* * Alias types @@ -133,7 +139,7 @@ int top = 0, stacksize = 0; match[top].cmnd = -1; \ match[top].host = -1; \ match[top].runas = -1; \ - match[top].nopass = -1; \ + match[top].nopass = pwdef; \ top++; \ } @@ -216,14 +222,14 @@ yyerror(s) #endif parse_error = TRUE; } -#line 203 "parse.yacc" +#line 209 "parse.yacc" typedef union { char *string; int BOOLEAN; struct sudo_command command; int tok; } YYSTYPE; -#line 227 "sudo.tab.c" +#line 233 "sudo.tab.c" #define ALIAS 257 #define NTWKADDR 258 #define FQHOST 259 @@ -530,7 +536,7 @@ short *yyss; short *yysslim; YYSTYPE *yyvs; int yystacksize; -#line 719 "parse.yacc" +#line 741 "parse.yacc" #define MOREALIASES (32) aliasinfo *aliases = NULL; @@ -712,8 +718,10 @@ list_matches() } /* Is a password required? */ - if (cm_list[i].nopasswd == TRUE) + if (cm_list[i].nopasswd == TRUE && pwdef != TRUE) (void) fputs("NOPASSWD: ", stdout); + else if (cm_list[i].nopasswd == FALSE && pwdef == TRUE) + (void) fputs("PASSWD: ", stdout); /* Print the actual command or expanded Cmnd_Alias. */ key.alias = cm_list[i].cmnd; @@ -869,7 +877,7 @@ init_parser() if (printmatches == TRUE) expand_match_list(); } -#line 873 "sudo.tab.c" +#line 881 "sudo.tab.c" /* allocate initial stack or double stack size, up to YYMAXDEPTH */ #if defined(__cplusplus) || __STDC__ static int yygrowstack(void) @@ -1050,42 +1058,42 @@ yyreduce: switch (yyn) { case 3: -#line 250 "parse.yacc" +#line 256 "parse.yacc" { ; } break; case 4: -#line 252 "parse.yacc" +#line 258 "parse.yacc" { yyerrok; } break; case 5: -#line 253 "parse.yacc" +#line 259 "parse.yacc" { push; } break; case 6: -#line 253 "parse.yacc" +#line 259 "parse.yacc" { while (top && user_matches != TRUE) pop; } break; case 7: -#line 258 "parse.yacc" +#line 264 "parse.yacc" { ; } break; case 8: -#line 260 "parse.yacc" +#line 266 "parse.yacc" { ; } break; case 9: -#line 262 "parse.yacc" +#line 268 "parse.yacc" { ; } break; case 10: -#line 264 "parse.yacc" +#line 270 "parse.yacc" { ; } break; case 13: -#line 272 "parse.yacc" +#line 278 "parse.yacc" { /* * We already did a push if necessary in @@ -1094,32 +1102,32 @@ case 13: */ host_matches = -1; runas_matches = -1; - no_passwd = -1; + no_passwd = pwdef; } break; case 14: -#line 284 "parse.yacc" +#line 290 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) host_matches = yyvsp[0].BOOLEAN; } break; case 15: -#line 288 "parse.yacc" +#line 294 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) host_matches = !yyvsp[0].BOOLEAN; } break; case 16: -#line 293 "parse.yacc" +#line 299 "parse.yacc" { yyval.BOOLEAN = TRUE; free(yyvsp[0].string); } break; case 17: -#line 297 "parse.yacc" +#line 303 "parse.yacc" { if (addr_matches(yyvsp[0].string)) yyval.BOOLEAN = TRUE; @@ -1129,7 +1137,7 @@ case 17: } break; case 18: -#line 304 "parse.yacc" +#line 310 "parse.yacc" { if (netgr_matches(yyvsp[0].string, user_host, NULL)) yyval.BOOLEAN = TRUE; @@ -1139,7 +1147,7 @@ case 18: } break; case 19: -#line 311 "parse.yacc" +#line 317 "parse.yacc" { if (strcasecmp(user_shost, yyvsp[0].string) == 0) yyval.BOOLEAN = TRUE; @@ -1149,7 +1157,7 @@ case 19: } break; case 20: -#line 318 "parse.yacc" +#line 324 "parse.yacc" { if (strcasecmp(user_host, yyvsp[0].string) == 0) yyval.BOOLEAN = TRUE; @@ -1159,7 +1167,7 @@ case 20: } break; case 21: -#line 325 "parse.yacc" +#line 331 "parse.yacc" { aliasinfo *aip = find_alias(yyvsp[0].string, HOST_ALIAS); @@ -1168,13 +1176,17 @@ case 21: yyval.BOOLEAN = aip->val; else if (strcasecmp(user_shost, yyvsp[0].string) == 0) yyval.BOOLEAN = TRUE; - else + else { + if (pedantic) + (void) fprintf(stderr, + "Warning: undeclared Host_Alias `%s' referenced near line %d\n", yyvsp[0].string, sudolineno); yyval.BOOLEAN = -1; + } free(yyvsp[0].string); } break; case 24: -#line 343 "parse.yacc" +#line 353 "parse.yacc" { /* * Push the entry onto the stack if it is worth @@ -1189,14 +1201,14 @@ case 24: } break; case 25: -#line 357 "parse.yacc" +#line 367 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) cmnd_matches = yyvsp[0].BOOLEAN; } break; case 26: -#line 361 "parse.yacc" +#line 371 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1208,14 +1220,14 @@ case 26: } break; case 27: -#line 369 "parse.yacc" +#line 379 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) cmnd_matches = !yyvsp[0].BOOLEAN; } break; case 28: -#line 375 "parse.yacc" +#line 385 "parse.yacc" { if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) { @@ -1241,18 +1253,18 @@ case 28: } break; case 29: -#line 398 "parse.yacc" +#line 408 "parse.yacc" { ; } break; case 32: -#line 405 "parse.yacc" +#line 415 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) runas_matches = yyvsp[0].BOOLEAN; } break; case 33: -#line 409 "parse.yacc" +#line 419 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1264,14 +1276,14 @@ case 33: } break; case 34: -#line 417 "parse.yacc" +#line 427 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) runas_matches = !yyvsp[0].BOOLEAN; } break; case 35: -#line 422 "parse.yacc" +#line 432 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1288,7 +1300,7 @@ case 35: } break; case 36: -#line 436 "parse.yacc" +#line 446 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1305,7 +1317,7 @@ case 36: } break; case 37: -#line 450 "parse.yacc" +#line 460 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1322,7 +1334,7 @@ case 37: } break; case 38: -#line 464 "parse.yacc" +#line 474 "parse.yacc" { aliasinfo *aip = find_alias(yyvsp[0].string, RUNAS_ALIAS); @@ -1338,13 +1350,17 @@ case 38: yyval.BOOLEAN = aip->val; else if (strcmp(yyvsp[0].string, user_runas) == 0) yyval.BOOLEAN = TRUE; - else + else { + if (pedantic) + (void) fprintf(stderr, + "Warning: undeclared Runas_Alias `%s' referenced near line %d\n", yyvsp[0].string, sudolineno); yyval.BOOLEAN = -1; + } free(yyvsp[0].string); } break; case 39: -#line 483 "parse.yacc" +#line 497 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1358,7 +1374,7 @@ case 39: } break; case 40: -#line 496 "parse.yacc" +#line 510 "parse.yacc" { /* Inherit NOPASSWD/PASSWD status. */ if (printmatches == TRUE && host_matches == TRUE && @@ -1371,7 +1387,7 @@ case 40: } break; case 41: -#line 506 "parse.yacc" +#line 520 "parse.yacc" { no_passwd = TRUE; if (printmatches == TRUE && host_matches == TRUE && @@ -1380,7 +1396,7 @@ case 41: } break; case 42: -#line 512 "parse.yacc" +#line 526 "parse.yacc" { no_passwd = FALSE; if (printmatches == TRUE && host_matches == TRUE && @@ -1389,7 +1405,7 @@ case 42: } break; case 43: -#line 520 "parse.yacc" +#line 534 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1410,7 +1426,7 @@ case 43: } break; case 44: -#line 538 "parse.yacc" +#line 552 "parse.yacc" { aliasinfo *aip; @@ -1426,13 +1442,17 @@ case 44: if ((aip = find_alias(yyvsp[0].string, CMND_ALIAS))) yyval.BOOLEAN = aip->val; - else + else { + if (pedantic) + (void) fprintf(stderr, + "Warning: undeclared Cmnd_Alias `%s' referenced near line %d", yyvsp[0].string, sudolineno); yyval.BOOLEAN = -1; + } free(yyvsp[0].string); } break; case 45: -#line 557 "parse.yacc" +#line 575 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) { @@ -1461,11 +1481,11 @@ case 45: } break; case 48: -#line 589 "parse.yacc" +#line 607 "parse.yacc" { push; } break; case 49: -#line 589 "parse.yacc" +#line 607 "parse.yacc" { if (host_matches != -1 && !add_alias(yyvsp[-3].string, HOST_ALIAS, host_matches)) @@ -1474,7 +1494,7 @@ case 49: } break; case 54: -#line 605 "parse.yacc" +#line 623 "parse.yacc" { push; if (printmatches == TRUE) { @@ -1486,7 +1506,7 @@ case 54: } break; case 55: -#line 613 "parse.yacc" +#line 631 "parse.yacc" { if (cmnd_matches != -1 && !add_alias(yyvsp[-3].string, CMND_ALIAS, cmnd_matches)) @@ -1499,11 +1519,11 @@ case 55: } break; case 56: -#line 625 "parse.yacc" +#line 643 "parse.yacc" { ; } break; case 60: -#line 633 "parse.yacc" +#line 651 "parse.yacc" { push; if (printmatches == TRUE) { @@ -1515,7 +1535,7 @@ case 60: } break; case 61: -#line 641 "parse.yacc" +#line 659 "parse.yacc" { if (runas_matches != -1 && !add_alias(yyvsp[-3].string, RUNAS_ALIAS, runas_matches)) @@ -1528,11 +1548,11 @@ case 61: } break; case 64: -#line 657 "parse.yacc" +#line 675 "parse.yacc" { push; } break; case 65: -#line 657 "parse.yacc" +#line 675 "parse.yacc" { if (user_matches != -1 && !add_alias(yyvsp[-3].string, USER_ALIAS, user_matches)) @@ -1542,25 +1562,25 @@ case 65: } break; case 66: -#line 666 "parse.yacc" +#line 684 "parse.yacc" { ; } break; case 68: -#line 670 "parse.yacc" +#line 688 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) user_matches = yyvsp[0].BOOLEAN; } break; case 69: -#line 674 "parse.yacc" +#line 692 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) user_matches = !yyvsp[0].BOOLEAN; } break; case 70: -#line 679 "parse.yacc" +#line 697 "parse.yacc" { if (strcmp(yyvsp[0].string, user_name) == 0) yyval.BOOLEAN = TRUE; @@ -1570,7 +1590,7 @@ case 70: } break; case 71: -#line 686 "parse.yacc" +#line 704 "parse.yacc" { if (usergr_matches(yyvsp[0].string, user_name)) yyval.BOOLEAN = TRUE; @@ -1580,7 +1600,7 @@ case 71: } break; case 72: -#line 693 "parse.yacc" +#line 711 "parse.yacc" { if (netgr_matches(yyvsp[0].string, NULL, user_name)) yyval.BOOLEAN = TRUE; @@ -1590,7 +1610,7 @@ case 72: } break; case 73: -#line 700 "parse.yacc" +#line 718 "parse.yacc" { aliasinfo *aip = find_alias(yyvsp[0].string, USER_ALIAS); @@ -1599,19 +1619,23 @@ case 73: yyval.BOOLEAN = aip->val; else if (strcmp(yyvsp[0].string, user_name) == 0) yyval.BOOLEAN = TRUE; - else + else { + if (pedantic) + (void) fprintf(stderr, + "Warning: undeclared User_Alias `%s' referenced near line %d\n", yyvsp[0].string, sudolineno); yyval.BOOLEAN = -1; + } free(yyvsp[0].string); } break; case 74: -#line 712 "parse.yacc" +#line 734 "parse.yacc" { yyval.BOOLEAN = TRUE; free(yyvsp[0].string); } break; -#line 1615 "sudo.tab.c" +#line 1639 "sudo.tab.c" } yyssp -= yym; yystate = *yyssp; |